Senior Security Engineer

Summary

Join SmithRx, a rapidly growing Health-Tech company, as a Security Engineer specializing in Security Operations, Detection Engineering, and Incident Response. This critical role involves leading the identification, analysis, and response to complex security threats in our cloud-native AWS environment. You will leverage your Python expertise to design, build, and tune detection mechanisms, automate responses, and improve security monitoring and incident response. You will collaborate on incident response, define technical roadmaps, and support security improvements across teams. The position requires 5+ years of hands-on experience in Security Operations, Detection Engineering, and/or Incident Response, along with strong Python proficiency and deep AWS security experience. Location is limited to specific states.

Requirements

• 5+ years of hands-on experience focused on Security Operations, Detection Engineering, and/or Incident Response
• Strong proficiency in Python for security automation, scripting, data analysis, and tool development
• Deep experience with AWS security , including logging services (CloudTrail, CloudWatch, VPC Flow Logs), security services (GuardDuty, Security Hub, IAM, Config), and incident response in the cloud
• Bachelor’s degree in Computer Science, Information Technology or a related field, or relevant work experience required in lieu of a degree
• Experience with infrastructure-as-code (e.g., Terraform) for deploying security resources
• Proven expertise in developing detection content (rules, queries, models) in SIEM platforms (e.g., Splunk, Elastic Security, Sentinel)
• Hands-on experience with EDR solutions (e.g., CrowdStrike, SentinelOne, Carbon Black) for detection and response
• Strong understanding of incident response methodologies, threat intelligence, cyber kill chain, and frameworks like MITRE ATT&CK
• Experience with log analysis, network traffic analysis, and host/endpoint forensics techniques
• Demonstrated ability to lead complex security incident investigations and response efforts
• Excellent communication skills and ability to remain calm and effective under pressure

Responsibilities

• Leverage Python to design, develop, test, and maintain high-fidelity and actionable detection-as-code rules, automate detection logic, parse and enrich complex data sources, and integrate security systems via APIs
• Proactively hunt for threats within our AWS and corporate environments, analyzing logs and system data to uncover malicious activity that evades automated detections
• Develop, refine, and automate incident response playbooks and standard operating procedures using SOAR (Security Orchestration, Automation, and Response) platforms and custom Python scripts
• Perform technical analysis during incidents, including log analysis, network traffic analysis, and host/endpoint artifact collection
• Manage and optimize core security operations tools (SIEM, SOAR, EDR, etc.)
• Serve as a strong technical contributor and subject matter expert within the Security Operations and Incident Response domain, influencing security practices across engineering and IT teams
• Autonomously define and deliver the technical roadmap for key detection and response initiatives, managing cross-functional dependencies

Preferred Qualifications

• Experience with SOAR platforms (e.g., Splunk SOAR, Palo Alto XSOAR, Tines) and automation techniques
• Relevant industry certifications (e.g., GCIH, GCFA, GNFA, GREM, AWS Security Specialty, Splunk Certified Architect/Consultant)
• Experience with threat hunting and purple teaming methodologies and tools
• Strong track record of mentoring junior team members

Benefits

• Highly competitive wellness benefits including Medical, Pharmacy, Dental, Vision, and Life Insurance and AD&D Insurance
• Flexible Spending Benefits
• 401(k) Retirement Savings Program
• Short-term and long-term disability
• Discretionary Paid Time Off
• 12 Paid Holidays
• Wellness Benefits
• Commuter Benefits
• Paid Parental Leave benefits
• Employee Assistance Program (EAP)
• Well-stocked kitchen in office locations
• Professional development and training opportunities